2 reports · 2 sources · tracked since 1d ago

New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns

AI synthesis New Mistic backdoor linked to threat actor KongTuke targets insurance, education, IT, and professional services in financially motivated attacks since April 2026.

ransomware

Why this ranks Transparent score: 14

coverage +6 source breadth +4 urgency +0 freshness +4

What changed

Coverage timeline

Every report remains linked to its original publisher.

BleepingComputer Jun 24, 2026, 10:41 AM UTC First observed

Stealthy Mistic backdoor linked to ransomware access broker KongTuke ↗

A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, education, IT, and professional services sectors. [...]
The Hacker News Jun 25, 2026, 8:54 AM UTC Coverage expanded

New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns ↗

A new, stealthy backdoor named Mistic has been deployed as part of suspected financially motivated attacks aimed at multiple organizations spanning insurance, education, IT, and professional services sectors since April 2026. According to Symantec and Carbon Black's Threat Hun...

Coverage timeline

Stealthy Mistic backdoor linked to ransomware access broker KongTuke ↗

New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns ↗